<?php

//获取权限
$RightsNum = '2001';$UcId = UCID;$Group = 2;
include("./rightscontrol.php");	
//获取权限结束

$action = $_REQUEST['action'];
	if(empty($action))
	{
		//载入GROUP
		$Res = $mysql -> prepare('SELECT * FROM `mp_table` WHERE id = ?');
		$Res -> execute(array($_REQUEST['id']));
		$TableInfo = $Res -> fetch();
		$Res -> closecursor();
		
		$Res = $mysql -> prepare('SELECT * FROM `'.RC_DBTABLEPRE.'group`');
		$Res -> execute();
		$GroupList = $Res -> fetchAll();
		$Res -> closecursor();
		
		$vars = unserialize($TableInfo['vars']);
		include_once(MP_TEMPLATESDIR.'fixtable.htm');//载入HTML
	}
	
	if($action == 'update')
	{
		$title = $_REQUEST["title"];
		$group = $_REQUEST["group"];
		$rights = $_REQUEST["rights"];
		$javascript = $_REQUEST["javascript"];
		$note = $_REQUEST["note"];
		$culs = $_REQUEST["culs"];
		
		$starttime = mktime($_REQUEST['bh'],$_REQUEST['bi'],$_REQUEST['bs'],$_REQUEST['bm'],$_REQUEST['bd'],$_REQUEST['by']);
		$endtime = mktime($_REQUEST['eh'],$_REQUEST['ei'],$_REQUEST['es'],$_REQUEST['em'],$_REQUEST['ed'],$_REQUEST['ey']);
		
		$mysqlvars = array();
		$ins = explode('|||',$culs);
		for($i=0;isset($ins[$i]);$i++){
			$mysqlvars[$i] = $vars = explode('~~~',$ins[$i]);
			if(substr($vars[0],0,1) != 'i'){
				if($vars[1] == '1'){
					if(empty($vars[4]))
					{
						$Res = $mysql -> prepare('INSERT INTO `mp_inputbox` VALUES(NULL,?)');
						$Res -> execute(array($vars[2]));
						$Res -> closecursor();
						$mysqlvars[$i][0] = $mysql -> lastInsertId();
					}
					else
					{
						$mysqlvars[$i][0] = $vars[4];
					}
				}
			}
		}
		$varsstring = serialize($mysqlvars);
		$Res = $mysql -> prepare("REPLACE INTO `mp_table` VALUES($_REQUEST[id],?,?,?,?,?,?,?,?)");
		$Res -> execute(array($title,$varsstring,$starttime,$endtime,$group,$rights,$javascript,$note));
		$Res -> closecursor();
		header('Location:func.php?func=create_tea');die();
	}
	
	if($action == 'del')
	{
		$Res = $mysql -> prepare('DELETE FROM `mp_table` WHERE id = ?');
		$Res -> execute(array($_REQUEST['id']));
		$Res -> closecursor();
		header("Location:func.php?func=create_tea");die();
	}
	
	if($action == 'notim')
	{
		$Res = $mysql -> prepare('UPDATE `mp_table` SET `note` =? WHERE id =?');
		
		$ar = array();
		while($foo = each($_POST))
		{
			if(substr($foo['key'],0,2) != 'im'){continue;}
			if($foo['value'] == 'on'){$ar[substr($foo['key'],2,99)] = true;}
		}
		$Res -> execute(array(serialize($ar),$_REQUEST['id']));
		header("Location:func.php?func=create_tea");
	}
	
	if($action == 'pre')
	{
		$page = $_REQUEST['page'];
	}
?>